
Thursday, May 26, 2016

ICS-CERT Publishes Three Advisories

This morning the DHS ICS-CERT published three control system
security advisories for products from Black Box, Sixnet and Environmental
Systems Corporation.

Black Box Advisory

This advisory
describes a credential management vulnerability in the Black Box AlertWerks
ServSensor devices. The vulnerability was reported by Lee Ryman. Black Box has
produced a new firmware version to mitigate the vulnerability and Ryman has
verified the efficacy of the fix.

ICS-CERT reports that a relatively unskilled attacker could
remotely exploit this vulnerability to gain access to system passwords.

Sixnet Advisory

This advisory
describes a hard-coded credential vulnerability in the Sixnet BT series routers.
The vulnerability was reported by Neil Smith. Sixnet has produced a new
firmware version and updates to mitigate the vulnerability. There is no
indication that Smith has been provided the opportunity to verify the efficacy
of the fix.

ICS-CERT reports that a relatively unskilled attacker could
use publicly available exploits to remotely exploit the vulnerability to gain
full access to the affected device.

The Sixnet
web site does not yet (as of 22:00 EDT, 5-26-16) have the new version of
the BT firmware listed.

Environmental Systems Corporation Advisory

This advisory
describes twin vulnerabilities in the ESC 8832 Data Controller. The
vulnerabilities were independently reported by Maxim Rupp and Balazs Makany.
ESC reports that there is no code space for a firmware update so it has
designed compensating controls to mitigate the vulnerabilities. There is no
indication that either Rupp or Makany has been provided an opportunity to
verify the efficacy of the fix.

The two vulnerabilities are:

• Authentication bypass - CVE-2016-4501; and

• Privilege management - CVE-2016-4502

ICS-CERT reports that a relatively unskilled attacker could
use publicly available information to remotely exploit the vulnerability to
perform administrative operations over the network without authentication.

ESC recommends replacing the device or blocking Port 80 with
a firewall.
